Microsoft Licensing Compliance - TimbukTech Takes You There

Are you ready for a Microsoft licensing audit? Do you have an inventory system of how many machines have a certain software package that has been copied too many times without the proper licensing attached? Fines and penalties can make non-adherence a financial nightmare for those who choose to ignore the rules. The question is not, if you will have an audit, but when. TimbukTech can review all your devices and prepare a report outlining your compliance to date and move you toward reconciliation. Microsoft tends to look favorably on those who realize they have a problem and are working on rectification versus those who simply do not care.

Open licensing can be a great resource because it saves you money and offers the ability for software to be used for a certain number of users or machines, providing flexibility versus the off-the-shelf or OEM (original equipment manufacturer) versions. Open licensing is generally available for larger institutions such as government/healthcare/education and some non-profits. Volume licensing for commercial enterprises also offers the same flexibility with discounted pricing offering uniformity in platforms across your company along with the adaptability of a three-year support agreement.

Office 365 is a good example of the flexibility afforded in choosing the components of an employee workload and the software needed to do their job. Office 365 is customizable and provides support and tools available to assist the user in task completion. It also comes with the latest live updates and formatting changes that keep your team viable with modern equipment and resources. Windows is also available as a per user SAAS (software as a service) that will keep you in compliance.

The days of buying one software license and sharing it around the office are over. Microsoft is making it easier and more affordable everyday to have access to their product offering and services. Get on board and get your licensing ducks-in-a-row! We can help!


Windows Server DNS Vulnerability Bug - Our Managed Services Clients Received Same-day Protection

In the recent past, a Microsoft Windows Server DNS vulnerability bug was discovered that left millions vulnerable to a security breach.  That same day, our managed services team created a script and pushed it to our clients to manage the open exposure.

Our team has the experience to solve problems, not just patch them and pretend the problem will go away. Having an IT tech that only patches bugs for today in hopes that maybe your network won’t cross the path of an online intruder – is simply a dangerous endeavor.  Our team of IT professionals are very talented, smart people who can create code that dives deep into the jeopardous terrain, to resurface with a solution ready to be deployed.

Obviously, businesses without any proactive IT support are left vulnerable as Microsoft has yet to release a patch, only a workaround exists for remediation. Workarounds are just that, a reactionary measure that only skirts around the problem, without solving it. Your business deserves more than a band-aid approach to your IT needs; understanding your network and all the working parts is necessary to providing the best solution.

With managed services, our team can apply the knowledge gained from the last vulnerability and apply that deep-learning component to the next liability. Recurring updates ensure that wherever the latest wormholes arise, proactive managed services will apply the latest software to protect your network. Counter-response behavior is not foresight behavior, your network cannot survive a mom-and-pop, static update. You need live, dynamic updates and a team of solution providers who work with threats daily and know what they are looking for.

You just want your computer and network to work – absolutely – we do too! However, setting the foundation is 100% necessary to the success of making that happen. Just like building a house, if you don’t get the foundation right, you’ll always be susceptible to shifting ground with costly workarounds instead of doing it right the first time. In 2020 and beyond, robust IT networks demand an automated managed services platform with dedicated IT professionals to remediate the complexities – join our list of valuable clients who understand the best defense is a great offense!


join-the-defense-team-site

ProofPoint Email Security Suite

Your people are your greatest business asset—and your weakest security and compliance link. With Proofpoint, you can build a defense that starts with them. BEC scams – Business Email Compromise – look for prey and groom their victims in order to misappropriate money and business intelligence.  Criminals spend time creating scenarios that spoof their identity, creating emails that look like emails you’ve seen in the past, emboldening a sense of familiarity and trust. After your confidence is gained, they zero in on gathering your data by making you think it is safe to click, afterwards it is too late to undo the open door that they walked through.

As more employees are working from home, Proofpoint protection offers remote connection security through cloud-based communication between your archives and active content sources, as well as on-premesis network devices. ProofPoint can set up provisions, allowing team members access to those resources specific to their needs, creating streamlined work-flow rules that organize your business. Data Loss Prevention (DLP) is monitored in an active, ongoing fashion while at use, in motion and at rest, offering a more expansive protection definition.

ProofPoint offers a turn-key approach to protection through spam filtering and phishing protection through its prevention tactics. This software has the capability to prioritize threats and act in accordance, focusing remediation to the most damaging items first. This threat intelligence learns as it is employed in your network and develops its own sort of immunity, creating barriers to cyber threats. Then as it continues to learn, it is enhanced each time a new update or new threat is detected, providing URL defense protection in links inside spoofed emails – assisting in catching the corrupt link before you have a chance to click. Encryption capability is also a major resource of Proofpoint that your business needs to incorporate into everyday activity, especially for regulatory and compliance-driven businesses. Your clients will notice the difference when they see these defensive tactics being utilized as protection for their identity and your business security policies. Many regulatory agencies are demanding these software-as-a-service (SAAS) protocols to enhance cybersecurity.

Proofpoint also offers social media monitoring to track and protect the content of your social media, across all platforms. Proofpoint can apply your specific industry’s regulatory policy and alert you to errors and non-compliance. This intelligent software can be vital to assisting you in accurate advertising policies and shape your compliance patterns in the future. Call TimbukTech today to get started, 309-647-7269.


Sophos - Rugged Business Security Essentials

Sophos is the world’s largest privately held security company offering anti-virus protection like none other before. The software created by Sophos employs the philosophy of heuristic monitoring - evaluating current threats as well as unknown vulnerabilities yet to be discovered. The machine-learning necessary to mediate these threats builds upon a history of traditional anti-virus and known technologies as well as intuitive protocols that seek out modern-day solutions that zero in on encryption detection, live hacking, and exploit prevention. This deep learning technology taps into a realm where the human mind and machine meet – creating algorithms that are buoyed by the thought processes of the brain, along with the intelligence of machines, creating a bulwark line of defense.

Hackers are not just writing assault code as a one-and-done launch of attack. They are sophisticated in that the threats are made to be ongoing and constant, with updates made in real-time to counter any anti-virus that may be pumping out protection. Once the wall has been breached, the hacker can set the stage for a blended attack, from deleting your organizations backups and installing malware/spyware, to installing ransomware  and demanding high dollars for the safe return of your company’s information.

Sophos also offers a centralized dashboard that provides a snapshot review of all active parameters you want to measure and summarizes usage, statistics and many other categories for alerts in real-time. You can test your staff to see where your vulnerabilities lie and receive reports outlining the areas needing remediation and training. Real-time scanning for ransomware, malware, adware, spyware, rootkits, etc. offers capabilities beyond other out-dated, static anti-virus solutions; your business cannot afford to be stuck in the past when malicious threats are lurking, ready to attack and take advantage of old solutions.

TimbukTech can walk you through the capabilities of Sophos and provide a demo to outline all the reporting features available. This is a great way to get a snapshot of where you are now with your vulnerability monitoring and where you could be. You don’t know what you are missing until you do – TimbukTech can prevent you from being surprised by an attack you didn’t see coming. Utilizing deep learning and heuristic monitoring does just that – you need advanced threat protection in this modern age of cybersecurity susceptibility.


Microsoft Teams

Microsoft Teams – Virtual Communication Capabilities

Microsoft Teams is a collaboration app connecting your team, your students, your club – whatever group of people you wish to connect one another in an online setting. Your group must utilize Office 365 to access this app and can access this feature at teams.microsoft.com. This app is customizable to include targeted members of your team as they relate to projects in your business. Pivots allow you to set up channels within a project for further targeted management. For example, if your marketing team has several campaigns they are working on simultaneously, these campaigns can be set up within teams under the general heading and then targeted specifically to only those staff members who are on the particular project. Then the conversation can begin.

 

Teams allows just that group of people to have access to the communication trail for that channel. Teams can chat with one another, create chats within chats for further targeted communication and team members can invite one another to join groups as they become involved with various projects as the project evolves.  Teams can share files, upload videos/images/audio or any rich media to share with the group. Teams can update files in real-time allowing for work efficiencies and access to the latest information for the entire group.

 

Each section of the app allows you to customize how you view your dashboard and only present the relevant information and set notifications for the way you want information to come into your dashboard. You can communicate with one or more individuals at a time within the team and have targeted communications with those teammates as well. Your Outlook calendar is synced with Teams and you can invite teammates to meetings and include presentations related to just that meeting’s agenda and have it saved in one place.

 

Video conferencing is also a feature of Microsoft Teams and has a white board feature for collaboration and brainstorming that is saved as a part of that meeting’s directory. Having direct access to the specific targeted team gains efficiencies and quicker turn around time for deadlines. While the video conference is running, you can chat within teams as well, allowing for greater communication capabilities and saves time for having to follow-up on a to-do list after a meeting – it can all be accomplished inside one meeting.

 

You can customize the app for desktop, web or mobile use and can also bring in third party apps to run within teams for further organization. For example, if you were utilizing the organization project application Trello, or video conferencing Zoom, these can be integrated into the Microsoft Teams app. TimbukTech offers setup and installation of Office 365 and Microsoft Teams – let our expertise bring you and your team forward with technology knowledge that sets your team apart and prepares you for the future. With these tools at the ready, your organization has the capability to achieve a higher level of performance than ever before – empowering technology and human potential together for advanced communication!


VoIP

VoIP Phone Systems – Why Your Business Needs Dynamic Phone System Management

VoIP (Voice Over Internet Protocol) phone systems have evolved from a take-it-or-leave-it option of the past to a can’t-live-without function of the 21st century. With the world moving and changing at record speed, your business needs the functionality to adapt quickly to the fluctuating environment. Analog phone systems do not offer the scalability and remote options available with VoIP and can end up costing more money in the long run. With analog lines, you only get the line, the phone service itself, nothing more. In today’s economy, you need more than just a static service; you need to dynamic service options that move with your business and your clients. Paying per lines instead of per user is more expensive when you compare the overall benefits and packages of a VoIP system and versatility.

 

Your team demands accessibility to the workplace, even when they are not at their desk. Remote workers or staff who are in the field can benefit from a mobile twinning. This feature allows their cell phone to function in the same manner as if they were sitting at their desk. They can take a call in their car, get back to the office and go to their desk and pick up the call and act as if they had been at their desk the entire call, or vice versa – take the call at the desk and then place it on hold and pick it up from a mobile device, all the while the client is taken care of. Taking calls in the field and being able to transfer a call back to the office to get the customer taken care of is a win-win for both parties and allows for efficiencies beyond measure. This cuts down on down-time and wasted calls back and forth between everyone. Getting the client straight to the right person shows the client you are driven to take care of them and will not waste your time.

 

Having to call a carrier for a phone system change is a thing of the past. No one has the time to wait on hold for this when VoIP allows you to customize changes at your fingertips. Your system has a portal or NOC that manages the protocols for each user and can easily be scaled to make changes for holidays, staff on vacation, etc. Hunt groups can be created to stipulate a certain direction the call should flow through as it rings through your organization. For example: A call that comes into your organization meant for the sales team can be programmed to start with Sally and Joe, the customer support team to ring three times, then if they don’t answer, on to Peggy and Bob, the inside sales team with two rings, and then the entire customer support call center so that someone gets the call instead of it going into a voicemail no-mans-land because Sally forgot to set her voicemail up for being out on vacation. This is just one example of how VoIP can target great customer service and silo specific criteria for incoming calls. With VoIP, you have the power to make these changes yourself and remedy problems immediately for every department in your business! TimbukTech will assist you in training or we can make the changes for you – versatility and effectiveness simultaneously.

 

What about Moves-Adds-Changes (MAC)? When new staff are hired or turnover occurs, wouldn’t it be great to add/change the network and program their hunt group to your specific liking? Analog phone lines do not have this functionality and with the way everything moves these days, you need faster options that move with the pace of your business. Each user has their own portal to access call logs/analytics, caller ID, call waiting, call forwarding, voicemail forwarding, conference calling, visual voicemail, text transcription, and CRM integration etc. in order to have more usability to get the client taken care of faster. Especially in this latest environment where almost everyone has had to work from home, this option creates a flexible advantage for your team to function from anywhere. The end user does not need to know where you are because it functions as if you were in the office. This feature can allow you to create new work opportunities for your staff to function from any location, giving them unlimited capabilities for work and time with family. What if a staff member asked you to travel to Colorado for two weeks, they worked during the day and then had time with friends and family at night? You just became the office hero!

 

Whether your VoIP system is on premises or hosted, TimbukTech has the experience and know-how to set you up immediately!


Why Choose Office 365? Savvy Business Results Await….

Are you tired of passing around the same spreadsheet to members of a team only to be faced with comments like, “I didn’t have the latest version” and “My changes didn’t get attached”? These complaints are true time wasters creating an unproductive work environment. Switching to an Office 365 subscription will provide your team with up-to-date software and speed like never before!

Featured within Office 356 is Microsoft Teams – a space where teams can collaborate and share information via chat, video conferencing, data storage and application implementation. The best part about Microsoft Teams is the ability to work remotely and connect with clients and staff wherever they may be. TimbukTech will tailor-make the platform for your business needs so that your employees can collaborate on projects that currently live in many different locations. This platform acts as a project manager so your staff can share files and make live updates to documents in real time – creating simultaneous applause around the office!

There are many packages and bundle opportunities from an email-only option to adding in Word, Excel, etc., making the options more affordable then traditional Office products. This variability can save you money by only buying what you really need for each employee and customizing each user to their role in the company. Office 365 can also connect to five devices – making your life more efficient and organized! Your laptop, phone, tablet, desktop – all connected versus being chained to your desk and non-mobile responsive!

Not to forget the tech specs, Office 365 is secure and can be configured with MFA (Multi-Factor Authentication) to legitimize logging in from each device. Real-time updates are a big deal when it comes to utilizing the features of Office 365 – users get the benefit of the latest upgrades possible versus living with what you bought one time in the past – why not be up-to-date all the time? TimbukTech bundles Office 365 with third-party security software, such as Proofpoint Essentials to provide enhanced spam protection, email encryption, and spoofing prevention. If your server goes down, Proofpoint serves as a bridge for email continuity by queuing up messages; you can access Proofpoint simply by logging on and proceeding business-as-usual without disruption and continual communication. Pairing these products together allows for a rigorous strategy of user-friendly work environments, workplace efficiencies, and hard-working network protection.

Contact us to visit with our team to get started with Office 365 today!


Don’t be a Cyber Crime Statistic – Why Your Business Needs Multi-Factor Authentication Now

Multi-Factor authentication or MFA is a process of verifying the credentials of a user attempting to connect to protected data. MFA is commonly described as something you have, as well as something you know. For example, a user has an email address and logs into their credit card information after receiving a text message with a code in order to proceed to the protected data. After receiving the authentication, users can rest assured, knowing they were the only user to receive this special code, confirming the security of the session.

Won’t this slow down my ability to quickly get the information I need?
No. MFA is easy to use and becomes a habit, just like any other security measure you have implemented into your security regime. The moment or two it takes to receive the authentication, can mean the difference between maintaining your company’s identity or letting it slip away by ignoring the challenges networks face in the age of criminal cyber activity.

With MFA enabled, hackers are less likely to be able to access both a user’s credentials and the resources the user is attempting to access. Two-factor authentication (2FA) or dual authentication, a subgroup of MFA indicating it takes two types of factors for identification purposes, is a common practice by which users produce two unique forms of credential confirmation. For example, a user may log into a banking website, possess a pin number AND a unique one-time passcode in order to access the information. This dual authentication allows for a unique-in-time-visitor-circumstance, allowing for peace of mind and corroboration that proper security measures are in place.

TimbukTech’s Managed IT Services guard against vulnerabilities and create long-lasting secure habits that lead to a healthy, robust network.

Contact us today to receive more information on implementing MFA in your network.


business partners shaking hands

Making your company more cyber aware

The biggest problem companies face when it comes to cybersecurity is often not the technology; it’s the people.  And hackers know this. That’s why it takes more than strong IT to keep your company safe.

Beyond technology, the best way to protect your business from cybercriminals is with a trained and educated cyber aware company culture. It may seem like a large and daunting company initiative, but it isn’t.  There are a few corner stones that continue to build up, along with continuing education and strong corporate communication.

Let them know cybersecurity is everyone’s job

Leadership is always where a company culture starts. Employees and contractors, from entry-level to senior management, need to feel that cybersecurity is important to the company. If the executive leadership team values cyber safety, it will trickle its way down to all corners of workplace.

Cybersecurity should be more than just the responsibility of the Information Technology department. A statement by leadership must be delivered that it is up to everyone, beyond IT, to keep cyber criminals out of the company’s network.

Management shouldn’t be the exception to the rule.  Management most often have the highest privileged accounts.  Allowing management to bypass those safeguard not only put the organization at risk but sets a bad tone from the top.

Train and test your staff

Posters, employee newsletters, training sessions and regular meetings are avenues to communicate across the organization about how everyone can be more cyber aware. Regardless of what methods you choose, you should train staff on a regular basis. Monthly training is highly suggested. It can be via email or face-to-face. Or both.

Beyond training, it is good to see that employees are understanding and retaining the cybersecurity information. While you can trust that the staff is paying attention, it is recommended to test your staff as well.

Send a mock phishing email a little while after a training session or communication. It would be interesting to see who, if anyone, falls prey to the false hack.  This shouldn’t be a gotcha for those employees but a change for the organization to focus on more advanced training.

Teach your team that the inbox is the hacker’s favorite target

Based on current trends, cyber attackers are finding email to be the best route for penetrating a company’s security defenses. Trends Labs reports that 91% of targeted cyber-attacks use email as their way to breach networks. Likewise, Ponemon reports that 78% of targeted email cyber-attacks use malware embedded in an attachment.

Addressing targeted email attacks from leadership and your technology department is an essential piece of puzzle when creating a cyber safe culture. This should certainly be a topic addressed in employee training and even onboarding.

Have a password update plan

According to Verizon’s 2017 Data Breach Investigations Report, as many as 81% of hacking-related breaches were caused by leveraging stolen or weak passwords.

Often, employees are not aware of the risks. That is why password education is a great topic to include in cybersecurity training. Require complex password structures and explain the reasoning behind it.  Do not allow people to use the default password for more than the first login.

Have a formal cybersecurity plan

Your technology team should contribute significantly to a cyber aware culture and with cybersecurity training. Have the IT folks develop formal cybersecurity training with a documented plan to accompany it. The plan should be reviewed and updated often. Too many companies create cybersecurity plans and teams only to find that the plan becomes dusty and the teams include staff that’s no longer at your company.

Ask for a cyber security advocate from each of your departments like HR, Finance, Sales & Marketing, etc. since this casts a wider net to learn about targeted phishing and helps show that cyber security isn’t just for IT anymore.

No matter how great your CIO or CTO might be, one person alone cannot fight cybercriminals. Create a cyber aware culture and get everyone at your organization involved.


Disaster Recovery Plan

Some stats on disaster recovery

If you’ve ever known disaster, whether it be natural or cyber, you know just how serious it can be. Obvious causes include storms that inflict on-site damage or malicious attacks, but even user error can trigger disaster at a moment’s notice. Regardless of how your business conceives of these threats, the cruel fact remains: 93% of companies without a data recovery plan face closure within a year of a major disaster.

According to phoenixNAP, over the past five years, half of all businesses have weathered a downtime event longer than a full working day. The most common causes are:

  • 45% - hardware failure
  • 35% - loss of power
  • 34% - software failure
  • 23% - external security breaches
  • 20% - accidental user error

According to DataCore, for the businesses that experienced a downtime event, only half were confident they could restore 100% of their data. Smaller and medium sized businesses face greater fallout from these disasters, often because they have fewer IT staff, and a smaller portion of funding allocated towards technology resources.

Reports have also found that 75% of small businesses do not have a disaster recovery plan in place, creating a huge liability for an already overtaxed budget. Given the tremendous cost associated with data recovery, roughly $100,000 per incident, small businesses face a more arduous recovery process.

Keep in mind that 1 in 3 businesses reported a virus or malware attack in the last five years. Also, 58% of businesses breaches in the last 12 months have been due to viruses and malware and only 2% of businesses were able to recover from their latest security event within an hour.

Fortunately, the majority of these problems are avoidable through strategic planning. 96% of companies with thorough disaster recovery and data backup plans were able to avoid the fallout from ransomware attacks. By leveraging a resource such as TimbukTech, your company will have the benefit of:

  • Disaster recovery
  • Retention and reporting
  • Data backup and restoration
  • High availability and shared storage
  • Infrastructure design and architecture

If you're looking to outfit your business with affordable, enterprise protection, contact a TimbukTech expert today.